According to ArsTechnica, a draft revision to the Computer Fraud and Abuse Act (CFAA), which is being circulated by the House Judiciary Committee, expands the punishments available under the CFAA and, on balance, expands the definition of “exceeding authorized access” – the troublesome clause that should be eliminated in its entirety or dramatically circumscribed as so many legal scholars and practitioners have argued.

A vigorous debate on the answer (and deep disagreement) in a series of posts at The Volokh Conspiracy. Short answer: likely not under present (somewhat uncertain) United States law (including the Computer Fraud and Abuse Act).